More and more WirelessSniffers are becoming available. These could be quite useful. If you are aware of one that we don't have listed, know more about one then we do or have comments/thoughts about them please list them here.

WiFiFoFum

Open Source / Free

Airsnort (Linux / Windows 2000 / BSD?)

http://airsnort.shmoo.comAirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. A beta version for Windows NT/2000 is provided at http://winairsnort.free.fr where source codes on MSVisual C++ are also available.

Airosniff by ninsei research labs (FreeBSD)

http://gravitino.net/~bind/code/airosniff/ Airosniff can be used to assist in the identification of wireless networks by sniffing SSIDs. Airosniff, for the Cisco Aironet card allows one to seek out wireless networks, auto-config the card for sniffing and perform access point vendor identification.

I haven't actually used this yet as I don't have a Cisco card. but it looks interesting (and free). -- EliabHelon "FreeBSD Only!", from ~bind's home page -- DonPark

Airview (Windows 2000 /Windows XP)

http://airview.sourceforge.net/ Airview is designed for capturing and analyzing network packets on wireless 802.11a/b/g and TCP/UDP Ethernet networks. It gathers information from the wireless or LAN adapter and decodes the analyzed data. AirView does not need pre-installed packet capture drivers instead of other wireless sniffers. Network adapters supported : Wireless Wifi 802.11b - Ethernet (802.3) - Token-Ring - FDDI - WAN (modem). Airview is free for download and is open source ! Source code for Delphi is also available at Sourceforge at http://airview.sourceforge.net/.

ClassicStumbler (Mac OS 8.5 to 9.2.2)

ClassicStumbler is a Macintosh program which scans the airwaves for all Wi-Fi networks within range. It provides a graphical display of networks, their conditions, and detailed information including encryption status, signal and noise levels, and whether or not the network is ad-hoc. Connect to available networks from within the application. (Click ClassicStumbler for more info.)

iStumbler (Mac OS X)

"iStumbler is a free, open source tool for finding wireless networks and devices with your AirPort or Bluetooth equipped Macintosh. iStumbler combines a compact user interface with a real time display of signal strength and complete debugging information"

Prism2Dump (*BSD)

This is a tool that puts a Prism2Card into the wireless equivalent of promiscuous mode. I believe there is a Linux version around somewhere as well but I'm not sure where. -- AdamShand

Prism Dump (??)

http://developer.axis.com/software/tools/ ... Anyone got more info on this? I'm assuming this refers to the prismdump utility from Axis Communications, which "is a program intended for use with Intersil's PRISM-II based wireless LAN (WLAN) adapters and Ethereal (version 0.8.14 or later)". It captures 802.11 traffic and saves it in libpcap format, so the captures can be read by the current version of Ethereal (see above) and the 3.7 beta and current CVS versions of tcpdump (see below). -- Guy Harris ( guy@alum.mit.edu )

TCPDump (Linux or FreeBSD)

http://www.tcpdump.org/ ... Install Linux and tcpdump on your computer. Run tcpdump. See all the network traffic of your wireless net. tcpdump doesn't care that it is a wireless net, so you only see the network traffic, not the 802.11 specific information. Works great.

My understanding is that this is not quite the same, the Linux box can only see what it can associate with and I'm not sure you get promiscuous mode. The wireless sniffers above will actually sniff everything that's out there and show you all the ESSID's and channels in use, signal strength etc. For straight IP debugging though tcpdump is a great cheap alternative. -- AdamShand

True - You don't get all the same features that the commercial products offer. It only will give you information on networks that you associate with. However you can put the wireless network card into promiscuous mode and sniff all the IP traffic that is going across it, even between two other computers. Also even if the AP has MAC address security, you can still sniff the packets going across the network, you just can't send any packets out. (Tested with Mac Airport (Client), UGate 3300 AP in BSS Mode, and Linux Laptop with Lucent Gold Card) -- TerrySchmidt

The current CVS version of tcpdump (available from the www.tcpdump.org Web site), and the 3.7 and later versions, can dissect raw 802.11 packets; the current CVS, and 0.7 and later, versions of libpcap allow it (and Ethereal) to capture raw 802.11 packets on Linux and FreeBSD systems with the appropriate drivers (as per the comment in the section on Ethereal). -- Guy Harris ( guy@alum.mit.edu )

wavemon (Linux)

http://www.jm-music.de/projects.html A text-mode/curses wireless utility. Shows basically all the iwconfig info in a screen that refreshes itself. It also has a histogram of signal strength and a list of in-range APs, although I have yet to see that feature work. Its the best text-mode way Ive seen of monitoring signal strength and thats what I use it for. -- DonPark wavemon 0.3.3 has problems with multiple wireless interfaces, the -i option is broken. A bug report has been submitted to the author. You can get a useful (but not as pretty) display by issuing the command 'watch "cat /proc/net/wireless"'.

Wellenreiter

http://www.remote-exploit.org/projects.php Did you ever try to scan for any networks on the road. Try Wellenreiter. Wellenreiter is a gtkperl program that makes the discovery and the audit of 802.11b wireless-networks much easier. It has an embedded statistic engine for the common parameters provided by the wireless drivers which enables you to fetch the detail about the consistency and signal strength etc of the network.For discover accesspoints / networks / ad-hoc cards, Wellenreiter got an amazing easy scanner window. It searches for any accesspoint in the range of the scanning device. It detects and differs essid boradcasting or non-broadcasting wireless networks in every channel,doing frequency switching automatically. The manufactor is detected by the devices MAC-Address. WEP detection is also implemented and Wellenreiter detects and differs wherever the xx=== pong.exe (Windows) ===

I've been playing with this lately, and there's at least one caveat. Both 1.0 and 1.1 will work with LucOrinAvaya cards, provided you install their custom driver. However, 1.0 will not fully decode upper level protocols. All packets will only be displayed as their 802.11 types. --AndrewWoods

Grasshopper from Berkeley Varitronics (~$2800)

http://lists.bawug.org/pipermail/wireless/2001-March/000540.html "Grasshopper[tm] is a handheld, wireless receiver designed specifically for sweeping and optimizing Local Area Networks. The instrument measures coverage of direct sequence CDMA networks which operate on the IEEE 802.11b standard allowing the user to measure and determine the AP (AccessPoint), PER (Packet Error Rate) and RSSI signal levels aiding in locating the hub and access points throughout a building. Grasshopper detects and differentiates from narrow-band multipath interferences such as microwave ovens and frequency hopping systems and features a built-in display, keypad and removable battery pack for true portability."

Sniffer Wireless from Network Associates (Windows $10,000's)

http://www.sniffer.com/products/wireless/default.asp?A=5 "Sniffer Wireless was designed in accordance with the IEEE 802.11b interoperability standard. It includes network monitoring, capturing, decoding, and filtering-all the standard award-winning Sniffer Pro features you already know and appreciate. Sniffer Wireless also provides the most comprehensive 802.11b solution to the unique aspects of wireless networks. Sniffer Wireless is the industry-first Wireless LAN management tool that can spot security risks in real-time, identify network problems efficiently and reduce network-operating costs."

Sniffer Wireless has the worst interface of any sniffer of any variety that I've ever used. 100% menu driven; you cannot double-click or right-click on anything to drill into anything else. Filters also need to be manually entered and cannot be created on the fly. It is not possible to view live packet streams; all analysis must be done on saved captures. On top of that, to get Sniffer's Wireless offering, you must first license software sniffer for over $20,000. That said, it does collect and report on some obscure RF metrics. -- (9/9/02 Jim Kirby) I agree, Sniffer has a horrible interface, and it's too expensive. I have used both this and Aeropeek. Aeropeek is a better solution. (James Berry 11/02)

Where have you been living? Are you still using the DOS version of Sniffer? The 4.5 and newer is the best it has ever been, you can double click and you can create filters on the fly. Even better is that 4.8 that came out this month (Dec 02) is the ONLY 802.11A sniffer around. (Tom Simpson 12/02) I don't leave home without it.

Teletronics 2MB & 11MB Card and Utility Software (<$100.00)

Teletronics has a nice color coded bar graph type, realtime monitor for watching 2.4GHz activity in a given area. It works only on their 2 & 11meg cards By using directional and/or omnidirectional antennas you can see how much RF activity is in a given area. Very inexpensive and quite functional for initial site surveys (updated 12-31-01 RickLindahl)

Sniff-em (~$115)

Sniff'em is a competitively priced, performance minded Windows based Packet sniffer, Network analyzer and Network sniffer, a new network management tool designed from the ground up with ease and functionality in mind. Sniff-em can capture WiFi frames from the top layer only.

NetChaser (formerly WiFinder), (PalmOS/Tungsten C) Shareware $10

Handy and feature packed. Logs finds, stamps with GPS if attached, shows Signal, WEP, ESSID as well as MAC, Last Seen and a few more bits of info. Saves logs on poweroff or exiting. Logs are in CSV for use in other programs. Works great on the Tungsten C, though lots of use will drain your battery, so have a car charger handy if your wardriving. -- TomHiggins

Turn on the "Blank screen while scanning" option under "Advanced Settings" and the batteries last quite a while. I did two hours of scanning and only got down to 78% battery charge. In addition, I get pretty acceptable range. Currently, only runs on a Palm Tungsten C (which rule, btw) --jgw

Packet Sniffer SDK (PSSDK) library set is the most powerful component suite for network packet capture in Windows OS family environment. No pre-installed packet drivers are required;Packet Sniffer SDK supports all modern development environments for Windows; Using Packet Sniffer SDK the developer does not need to create special network drivers or to learn internal implementation of the network functionalities in all Windows family operating systems.